Lucene search
K

246 matches found

Positive Technologies
Positive Technologies
added 2013/02/06 12:0 a.m.9 views

PT-2013-1004

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 6.6 p1-r1 OpenSSH through 6.1 VMware vCenter Server affected versions not specified Check Point GAiA affected versions not specified Description The issue is related to a mechanism in OpenSSH that can cause a denial o...

8.1CVSS7.2AI score0.99506EPSS
Exploits108References84
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/10/31 6:1 a.m.5 views

Mac OS X OpenSSH vulnerable to denial-of-service (DoS)

Overview The OpenSSH implementation in Mac OS X is vulnerable to denial-of-service. The OpenSSH implementation in Mac OS X is vulnerable to denial-of-service. MASAKI KATAYAMA of Appirits inc Cyber Security Laboratory reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...

5CVSS6.6AI score
Exploits0References3
OSV
OSV
added 2012/04/05 2:55 p.m.5 views

DEBIAN-CVE-2011-5000

The sshgssapiparseename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service memory consumption via a large value in a certain length field. NOTE: there may be limited scenarios in which...

3.5CVSS6.2AI score0.02595EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2012/04/04 12:0 a.m.16 views

PT-2012-1158 · Openssh +4 · Openssh +4

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 5.8 and earlier Description: The issue allows remote authenticated users to cause a denial of service, specifically memory consumption, when gssapi-with-mic authentication is enabled. This is due to the ssh gssapi parse ename...

10CVSS7.9AI score0.99506EPSS
Exploits207References346
Positive Technologies
Positive Technologies
added 2012/01/27 12:0 a.m.11 views

PT-2012-1159

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 5.7 OpenSSH versions prior to 6.6 p1-r1 Description The issue allows remote authenticated users to obtain potentially sensitive information by reading debug messages containing authorized keys command options. This ca...

7.5CVSS6.6AI score0.03672EPSS
Exploits0References21
The Hacker News
The Hacker News
added 2011/05/20 11:41 a.m.8 views

Anonymous leaks PSN SSH Logs, Sony is responsible for Data Theft ?

Anonymous leaks PSN SSH Logs, Sony is responsible for Data Theft ? 1. On the Sony servers running the highly outdated Open SSH version 4.4. 2. Current version is 5.7. For those of Sony for encrypted version are used for more than five years several known security holes. 3. Sony server running in...

6.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2008/11/19 5:0 p.m.4 views

CVE-2008-5161

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

6.9AI score0.15395EPSS
Exploits1References40
Positive Technologies
Positive Technologies
added 2008/11/19 12:0 a.m.7 views

PT-2008-1137

Name of the Vulnerable Software and Affected Versions SSH Tectia Client and Server and Connector versions 4.0 through 4.4.11 SSH Tectia Client and Server and Connector versions 5.0 through 5.2.4 SSH Tectia Client and Server and Connector versions 5.3 through 5.3.8 SSH Tectia Client and Server and...

7.5CVSS8.2AI score0.15395EPSS
Exploits1References53
OSV
OSV
added 2008/07/18 4:41 p.m.2 views

DEBIAN-CVE-2008-3234

sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the role name, to the username...

6.5CVSS8.5AI score0.05773EPSS
Exploits1References1
Snyk
Snyk
added 2008/04/02 6:44 p.m.5 views

Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass. OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file. Remediation There is no fixed version for openssh...

6.5CVSS6.8AI score0.02223EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2007/11/07 9:0 a.m.8 views

audit logging of failed logins

Unspecified vulnerability in the linuxauditrecordevent function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party informatio...

4.3CVSS6.8AI score0.02342EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/09/29 12:23 a.m.5 views

local to local copy uses shell expansion twice

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...

4.6CVSS6.9AI score0.00474EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2006/07/20 1:1 p.m.11 views

local to local copy uses shell expansion twice

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...

4.6CVSS6.9AI score0.00474EPSS
Exploits1References4
OSV
OSV
added 2006/03/07 2:2 a.m.2 views

DEBIAN-CVE-2006-0883

OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service client connection refusal by connecting multiple times to the SSH server, waiting for the...

5CVSS9.3AI score0.01875EPSS
Exploits0References1
Snyk
Snyk
added 2006/01/25 11:3 a.m.2 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice. Remediation There is no fixed version for openssh...

5.9CVSS8.6AI score0.00474EPSS
Exploits1References2
Snyk
Snyk
added 2005/09/06 5:3 p.m.4 views

CVE-2005-2797

Overview OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding "-D" option when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality. Remediation There is no fixed version for openssh. References - Mindrot.org...

5.3CVSS6.9AI score0.02204EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2005/07/12 6:12 p.m.6 views

security flaw

Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992...

4.3CVSS7.3AI score0.0182EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2004/08/31 12:0 a.m.18 views

PT-2004-2559 · Openssh +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH affected versions not specified Description: The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program suc...

10CVSS7.5AI score0.99506EPSS
Exploits207References339
OSV
OSV
added 2004/08/18 4:0 a.m.2 views

DEBIAN-CVE-2004-0175

Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992...

4.3CVSS8.1AI score0.0182EPSS
Exploits0References1
OSV
OSV
added 2003/12/31 5:0 a.m.2 views

DEBIAN-CVE-2003-1562

sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password...

7.6CVSS8.3AI score0.05573EPSS
Exploits0References1
Rows per page
Query Builder